AWS IAM Engineer migration

Job Description:

As an AWS IAM Engineer, you will play a pivotal role in managing and securing our AWS environments through effective Identity and Access Management (IAM) practices, with a strong emphasis on deploying IAM solutions. You will work closely with DevOps, Security, and other teams to ensure secure and efficient access to AWS resources.

Your work will directly contribute to enhancing the security and compliance of our AWS environments, ensuring an intuitive and secure user experience.

Key Responsibilities:

1. IAM Operations:
• Operate & perform IAM security-related service requests for internal customers.
• Respond to related IAM security consultations, investigations, and inquiries.
2. IAM Design and Implementation:
• Design, implement, and manage AWS IAM policies, roles, and groups with GitHub tools.
• Manage permission sets and other baselines via a GitHub repository to ensure version control and collaborative management of IAM configurations.
3. Security and Compliance:
• Ensure compliance with internal security policies and external regulations (e.g. GDPR)
• Conduct regular audits and reviews of IAM configurations and permissions.
4. Collaboration and Support:
• Work closely with DevOps and other teams to integrate IAM solutions with GitHub.
• Provide support and training to team members on IAM-related issues.
5. Monitoring and Reporting:
• Identify & mitigate potential security risks related to IAM & elevation of privileged access.
• Leverage Access Analyzer to ensure that the least privileged access is applied.
6. Automation and Optimization:
• Leverage automation tools to streamline IAM provisioning and manage access requests

Skills:

• Strong understanding of IAM policies, roles, and permissions.
• Proficiency in IaC tools such as AWS CloudFormation or Terraform.
• Experience managing IAM enforcements via a GitHub repository.
• Competent with IAM Identity Center & AFT.
• Experience in integration with third-party Identity Providers through SAML and OIDC, such as Entra ID (Azure AD)
• Excellent problem-solving skills and attention to detail.
• AWS Certified Security – Specialty is highly advantageous.
• Ability to work collaboratively in cross-functional and diverse teams
• Strong communication skills with the ability to explain complex concepts to technical and non-technical stakeholders

Additional Qualifications:

• Working knowledge of AWS security services & features to provide a secure production environment.
• Ability to make tradeoff decisions regarding cost, security, and deployment complexity to meet a set of application requirements.
• Understanding of specialized data classifications and AWS data protection mechanisms.
• Knowledge of data-encryption methods and AWS mechanisms to implement them.
• Understanding of secure internet protocols and AWS mechanisms to implement them.